corporate-policy – Page 9 – WindowsTechs.com

Work from home, remote monitoring software, vpn, privacy

Posted on June 16, 2017 by user12377

So I work for a company where I make and receive phone calls and connect to remote servers and workstations. I work from home, use a company laptop and connect to the company’s network via software VPN . The hardware setup i… Continue reading Work from home, remote monitoring software, vpn, privacy→

Is there a specification for the color values representing information classification levels for the United States? [closed]

Posted on June 12, 2017 by Evil Closet Monkey

Executive Order 13526 section 1.2.⁠ Specifies Information may be classified as Top Secret, Secret, and Confidential. The absense of a classification is Unclassified.

US Classification Levels are used to mark the classification level of do… Continue reading Is there a specification for the color values representing information classification levels for the United States? [closed]→

Pin change policy for RSA SecurID

Posted on June 6, 2017 by sam

My company permits remote access with authentication that includes:

username
password/phrase (20+ characters)
User selected PIN + RSA SecurID token code

Our passwords are required to be changed every 6 weeks, and of cours… Continue reading Pin change policy for RSA SecurID→

Infosec Violation Notice

Posted on April 22, 2017 by aron13

A few of my teammates received an infosec violation notice for using the login ID of one of the members to access a database tool (it usually takes 24 hrs to get the ticket approved, so many times if one of teammate gets the … Continue reading Infosec Violation Notice→

How does the use of Microsoft-branded Azure products affect my privacy policy?

Posted on April 18, 2017 by LamonteCristo

I have an existing on premise infrastructure which I’m considering moving to Azure. On that platform, there are products that enhance my security, presumably by collecting metadata (IP, session, etc).

Right now I have a priv… Continue reading How does the use of Microsoft-branded Azure products affect my privacy policy?→

How do I configure Symantec AV to permit pentesting tools without compromising my organization’s network and my host computer?

Posted on March 5, 2017 by riponsecurity

When performing penetration testing for work, I often have to turn off Symantec Endpoint Protection in order to use certain payloads with Burp Suite and I recently had to do this for something as simple as WPScan (in a Kali V… Continue reading How do I configure Symantec AV to permit pentesting tools without compromising my organization’s network and my host computer?→

How do I configure Symantec AV to permit pentesting tools without compromising my organization’s network and my host computer?

Posted on March 5, 2017 by riponsecurity

Amazon Echo/Dot on your network

Posted on February 23, 2017 by orion3999

I have been tasked with coming up with if we should or should not allow Amazon Echo/Dot devices on our network.

Below is the reasons I have come up with so far. This is still the rough list.

The amazon Echo/Dot cannot be m… Continue reading Amazon Echo/Dot on your network→

Is it acceptable for an employer to install a self-signed root certificate on employees personal devices at home?

Posted on February 23, 2017 by 0xDEAD_BEEF

At work, my employer uses a self-signed root certificate to MITM all of our SSL/TLS traffic. Many of our internal certificates used by various micro-services and internal websites are also signed by this certificate.

I have … Continue reading Is it acceptable for an employer to install a self-signed root certificate on employees personal devices at home?→

Firewall – Vulnerability Assessment and Penetration Testing [on hold]

Posted on February 18, 2017 by Tushar

Want to perform VA/PT for Cyberoam Firewall in company. What methods or tools to be used.

Continue reading Firewall – Vulnerability Assessment and Penetration Testing [on hold]→